Dr. Markku-Juhani O. Saarinen, Staff Cryptography Architect, PQShield Ltd
Intro to Side-Channel Security of NIST PQC Standards
Abstract
Why are side-channel countermeasures for Dilithium so much more complex than those for ECDSA? What do I need to do to protect hash-based signatures, and why do engineers consider Ascon and SHA3 to be “easier to protect” against side-channel attacks than SHA2?
Based on the latest academic research and the experience of developing side-channel-secured versions of Kyber and Dilithium for commercial silicon, we dissect recent NIST PQC standards and discuss masking gadgets and other industry-standard countermeasures required to protect them against power- and emission-based side-channel attacks (DPA, DEMA). We discuss the cost (area, latency, energy) of these countermeasures on microcontroller targets and especially on custom hardware.
This engineering-oriented talk will also give a brief overview of FIPS 140-3 “non-invasive mitigation” side-channel testing methods (likely based on ISO 17825) and of how side-channel issues are addressed in high-assurance Common Criteria certifications used for smart cards, secure elements, and platform security.
The NIST seminars are open to the public.